Software Industry Announcements and News
McAfee, Inc. to Offer Anti-Malware for Android
[ Comments Off ] Posted on 04.29.10 under Security & Privacy
McAfee VirusScan Mobile Technology Now Available Free of Charge at SK Telecom’s TStore
SANTA CLARA, Calif.–(BUSINESS WIRE)–McAfee, Inc. (NYSE:MFE) today announced the availability of its anti-malware solution to secure Android-based smartphones. The McAfee® VirusScan® Mobile technology is available now for users of Android and Windows Mobile-based smartphones from SK Telecom in Korea. The software can be downloaded at no additional charge by SK Telecom customers from SK Telecom’s mobile application store “TStore.”
Mobile Internet access and mobile service usage is growing rapidly and cyber criminals are expected to pay more attention to this sector. Mobile device platforms compete for innovation created by application developers and other content creators who are increasingly demanding more device access. As their requests grow in numbers and they distribute their products more widely, security breaches will be inevitable.
“Wherever mobile consumers go, threats will follow them,” says Jan Volzke, worldwide head of mobile marketing for McAfee. “McAfee is committed to tackling mobile threats. The introduction of McAfee VirusScan Mobile technology for Android allows McAfee to protect more consumers in more situations of their rapidly changing digital life.”
Once installed, McAfee VirusScan Mobile technology protects SK Telecom’s mobile devices from malware, secures personal information and helps ensure critical communication functions work while users are on the go. Featuring automatic protection updates the technology secures the mobile device as soon as new threats are found. Using real-time scanning it protects users from both known and suspicious Android-based malware. McAfee VirusScan Mobile technology is available now for the Motorola XT720, the first Android device available in Korea, and will soon be available for other planned Android phones.
“The user environment of a smartphone is similar to that of a PC, so many security issues can be applied equally,” said Hu jong Kim, service technique director of SK Telecom. “Infections can occur over message attachments, application downloads and Bluetooth. Through this partnership, we are pleased to now offer our SK Telecom users peace of mind that their smartphones have a new level of security.”1
McAfee has shipped mobile security technology on more than 100 million mobile devices and is a clear leader in the mobile security market. SK Telecom is the leading mobile carrier in South Korea with more than 50 percent market share and more than 20 million mobile subscribers. SK Telecom marks the first time that McAfee is providing McAfee VirusScan Mobile technology as an Android application download. McAfee has been offering its mobile protection technology for other device platforms since 2003.
About McAfee, Inc.
McAfee, Inc., headquartered in Santa Clara, California, is the world’s largest dedicated security technology company. McAfee is committed to relentlessly tackling the world’s toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. http://www.mcafee.com
McAfee and VirusScan are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Other brands and names may be claimed as the property of others.
Sophos Reveals Latest Spam “Dirty Dozen”
[ Comments Off ] Posted on 04.28.10 under Security & Privacy
China Disappears from List of Top Spam-relaying Nations
BOSTON–(BUSINESS WIRE)–IT security and data protection firm Sophos has published its latest report on the top twelve spam-relaying countries, covering the first quarter of 2010. The United States continues its reign as the king of spam, relaying more than 13% of global spam, accounting for hundreds of millions of junk messages every day.
However, most dramatically, China – often blamed for cybercrime by other countries – has disappeared from the “dirty dozen,” coming in at 15th place with responsibility for relaying just 1.9% of the world’s spam.
The Top Twelve Spam-relaying Countries for January to March 2010:
1. United States 13.1%
2. India 7.3%
3. Brazil 6.8%
4. South Korea 4.8%
5. Vietnam 3.4%
6. Germany 3.2%
=9. United Kingdom 3.1%
=9. Russia 3.1%
=9. Italy 3.1%
10. France 3.0%
11. Romania 2.5%
12. Poland 2.4%
Others 47.3%
“All eyes aren’t so much on which countries are on the list, but the one which isn’t. China has earned itself a bad reputation in many countries’ eyes for being the launch pad of targeted attacks against foreign companies and government networks, but at least in the last 12 months they have demonstrated that the proportion of spam relayed by their computers has steadily declined,” said Graham Cluley, senior technology consultant at Sophos. “South Korea, Brazil, India and the United States account for more than 30% of all the spam relayed by hacked computers around the globe.”
Spam accounts for a staggering 97% of all email received by business email servers, putting both a strain on resources and accounting for a huge amount of time to lost productivity. Used largely as a method for selling counterfeit or illicit goods such as fake pharmaceuticals, luxury watches and false diplomas, virtually all spam comes from malware-infected computers (called botnets or zombies) that are controlled by cybercriminals.
Computer users can unwittingly allow their PCs to become part of a botnet in a number of ways, including clicking on malicious links that are frequently contained within the spam messages that the botnets are used to distribute. The only way for users and administrators to reduce the risk of being compromised is to run anti-spam and anti-malware protection and ensure all software and hardware is up-to-date with security patches.
By continent, Asia continues to dominate in spam, with more than a third of the world’s unsolicited junk email relayed by the region. Although the United States remains the top offender by country, North America as a whole has reduced its spam throughput since last quarter, dropping from second to third place. The breakdown of spam relaying by continent is as follows:
January to March 2010:
1. Asia 33.7%
2. Europe 31.2%
3. North America 16.9%
4. South America 14.7%
5. Africa 2.6%
Other 0.9%
Sophos recommends that companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against spam and viruses. Computer users must remember to refrain from buying from spam campaigns as even those very few that do, keep spammers in business and motivated to continue clogging email boxes.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry’s lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs – a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
Unraveling Software Piracy
[ Comments Off ] Posted on 04.26.10 under Security & Privacy
PARIS — April 20, 2010 — Say the word “counterfeits” and most people think of cheap knock-offs offered at flea markets or low-quality fake designer goods sold out of someone’s car trunk. These images are at odds with the real story behind software piracy. That story involves highly organized criminals operating sophisticated manufacturing plants to create near-exact replicas of genuine software.
These counterfeits are intended to deceive consumers into thinking they are buying the genuine article and are often sold at prices that are nearly the same as genuine software. However, while the counterfeit discs and packaging appear the same as legitimate software, the counterfeit software code itself can contain malware or viruses, or be stripped of critical security features that protect customers’ information and technology systems. This faulty code leaves consumers vulnerable to system failures and, even worse, to cybercriminals who roam the Internet for potential victims.
Combatting these counterfeits and the criminals behind them is the role of Microsoft’s David Finn and his team of piracy experts. They use cutting-edge intelligence and forensic techniques to track down global criminal counterfeiting syndicates and support law enforcement in more than 70 countries throughout the world. What’s more, says Finn, who heads the company’s anti-piracy investigations through its worldwide Legal and Corporate Affairs department: “We are increasingly collaborating with our own customers, who are providing critical information to help us identify software pirates, and addressing their concerns about the risks of using counterfeit software.”
This week the story gains international attention through a new counterfeiting exhibition at the Cité des Sciences et de l’Industrie (French Science and Industry Museum) in Paris. Microsoft will be part of this broader exhibit that showcases how different industries are affected by piracy, as well as the risks that consumers face. The company will represent the software industry with a video documentary about how partnering with law enforcement across several continents led to prosecution of a Chinese criminal syndicate in what became the largest counterfeit case in history. In addition, a number of genuine and counterfeit Microsoft products will be displayed to help consumers distinguish genuine software from counterfeit. Also on display will be the company’s latest technology used to identify and track down software pirates.
Says Blandine Savrda, commissioner at the Cite des Sciences et de l’Industrie: “This exhibition represents one of the largest combined efforts of government and industry coming together to speak out on the threats consumers face because of counterfeiting. If not for the collaboration of governments and private industry, the illegal trade of pirated products would continue to increase at an even higher rate.”
The software piracy world today, says Finn, is a vast web of large and small criminal enterprises, seeking to profit in a variety of ways. Consumers are increasingly the victims of pirated software riddled with malware, viruses and malicious code produced by counterfeiters who are happy to take their money without regard to the quality and integrity of the product they are passing off as the real thing.
One key study by IDC in 2006* showed that one in four Web sites offering counterfeit software attempted to install unwanted or malicious code upon downloading. This rate is rising, as found by Media Surveillance, an anti-piracy solutions company based in Germany, when it recently downloaded several hundred pirated copies of Windows and hacks and found that 32 percent contained malicious code.
The impact of harmful counterfeit software can be dramatic. Companies using pirated software are 73 percent more likely to experience a loss of data and 43 percent more likely to have computer failures lasting 24 hours or longer, accordingly to a Harrison Group study. “We are telling this story in order to underscore the fact that counterfeit products can be much more expensive than people think, putting people’s business and financial information at risk. And to make sure people understand that we are talking about criminal gangs — like the massive syndicate involved in the China case — who are behind the global manufacture and distribution of counterfeit software,” says Finn.
Unraveling Counterfeit Organizations
Donal Keating, Microsoft worldwide senior forensics manager, has devoted his career at Microsoft to developing technologies that uncover counterfeit software. Keating’s work has helped to unravel the mystery behind the world’s largest software counterfeiting crime syndicates and has helped lead to arrests, product seizures and convictions all over the world.
“As a rule, the software counterfeiting business is much like many legal big businesses in their level of organization, manufacturing expertise and sophistication,” says Keating. “The difference is that these organizations also employ many of the same tactics commonly used by criminal rings, such as the use of violence and child labor, and the involvement in other types of crimes.”
Keating has traveled the world providing his expertise to law enforcement at counterfeit production sites under investigation by the police. “Seeing where counterfeit discs are manufactured has helped me see behind the curtain of what the crime syndicates are doing, which in turn has enabled us to develop innovative forensic systems and tools to develop evidence that helps bring them to justice,” he says.
“Ballistic” Forensics for Discs
In the early days, even if Microsoft was able to identify the counterfeiters, it was sometimes difficult to prove with certainty that a particular disc was counterfeit. Beyond that, it was quite difficult to prove the full extent of the criminal activity. These challenges motivated Finn and his team to develop more sophisticated forensic methods of analyzing counterfeit evidence. Microsoft also responded by developing more robust optical disc and print security features such as interactive holograms and embedded threads. “We are now able to match counterfeit discs to the machines that produced them through what I call ballistic forensics, much like police do with markings on bullets,” says Keating. “We are also able to ‘connect the dots’ between pieces of counterfeit to establish the distribution patterns of the crime rings.” These technology innovations led to the dismantling of the largest counterfeit ring in history in a case known as “Operation China Online.”
The China Syndicate
In a landmark case, Microsoft assisted China’s Public Security Bureau and the U.S. Federal Bureau of Investigation in an investigation that led to raids in Southern China of a criminal syndicate believed to have produced more than $2 billion worth of counterfeit Microsoft software. Along with the use of forensic technologies, customers were a critical element in the investigation of this ring as more than 1,000 customers submitted counterfeit copies of their software to Microsoft, which Keating and his team were able to forensically link to the counterfeit syndicate. The counterfeit software came from 36 different countries and included 19 different versions of Microsoft products in 11 languages. Based in significant part on this powerful forensic evidence, a Chinese court convicted 11 members of the ring and sentenced them to the longest prison terms ever handed down in a software counterfeiting case in China. This case made international headlines and will be featured at the Cité des Sciences et de l’Industrie beginning today.
“This case marked a milestone in the fight against software piracy, showcasing how governments, law enforcement and private companies can work together across borders to bring counterfeiters to justice,” said FBI Agent Jason Smolanoff. “Unfortunately, software counterfeiting is a global, illegal business without borders. Criminals may be on the other side of the globe and may not even speak the same language, but they prey upon consumers all over the world.”
* “The Risks of Obtaining and Using Pirated Software,” IDC white paper sponsored by Microsoft, Doc # WP1006GRO, October 2006
DOJ Fights IP Crimes
[ Comments Off ] Posted on 04.26.10 under Government News, Security & Privacy
Department of Justice Announces New Assistant United States Attorneys and FBI Agents to Combat Intellectual Property Crimes
As part of the Department of Justice’s ongoing initiative to confront intellectual property (IP) crimes, Acting Deputy Attorney General Gary G. Grindler announced today the appointment of 15 new Assistant U.S. Attorney (AUSA) positions and 20 FBI Special Agents to be dedicated to combating domestic and international IP crimes.
These new positions – announced on the 10th annual World Intellectual Property Day – are part of the department’s continued commitment to combat the growing number of IP crimes here at home, and abroad. The new AUSA positions will be part of the department’s Computer Hacking and Intellectual Property (CHIP) program.
“Intellectual property law enforcement is central to protecting our nation’s ability to remain at the forefront of technological advancement, business development and job creation,” said Acting Deputy Attorney General Grindler. “The department, along with its federal partners throughout the Administration, will remain ever vigilant in this pursuit as American entrepreneurs and businesses continue to develop, innovate and create.”
The 15 new Assistant U.S. Attorneys will work closely with the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) to aggressively pursue high tech crime, including computer crime and intellectual property offenses. The new positions will be located in California, the District of Columbia, Maryland, Massachusetts, Michigan, New Jersey, New York, Pennsylvania, Texas, Virginia and Washington.
The 20 new FBI Special Agents announced today will be deployed to specifically augment four geographic areas with intellectual property squads, and increase investigative capacity in other locations around the country where IP crimes are of particular concern. The four squads will be located in New York, San Francisco, Los Angeles and the District of Columbia. The squads will allow for more focused efforts in particular hot spot areas and increased contact and coordination with our state and local law enforcement partners. The 20 new agents will join the 31 agents devoted to investigating IP crimes who have already been deployed to field offices around the country.
“Theft of intellectual property – from inventions to trademarks and copyrights, to industrial designs and trade secrets – is a worldwide problem. It affects individuals and corporations financially and can threaten public safety. The additional FBI agents will significantly strengthen the efforts of our squads investigating intellectual property rights violations and help bring to justice those who seek to profit from intellectual property theft,” said Assistant Director Gordon M. Snow of the FBI Cyber Division.
Acting Deputy Attorney General Grindler serves as chair of the department’s Task Force on Intellectual Property , which was established earlier this year by Attorney General Eric Holder to coordinate the department’s efforts on IP crimes. The task force focuses on strengthening efforts to combat intellectual property crimes through close coordination with state and local law enforcement partners as well as international counterparts. As part of its mission, the task force works together with the Office of the Intellectual Property Enforcement Coordinator (IPEC), housed in the Executive Office of the President, to implement an Administration-wide strategic plan on intellectual property.
The task force includes representatives from the offices of the Attorney General, the Deputy Attorney General, and the Associate Attorney General; the Criminal Division; the Civil Division; the Antitrust Division; the Office of Legal Policy; the Office of Justice Programs; the Attorney General’s Advisory Committee; the Executive Office for U.S. Attorneys and the FBI.
World Intellectual Property Day was established by the World Intellectual Property Organization (WIPO) to recognize the importance of protecting intellectual property rights and enforcing their laws. Each year on April 26th, WIPO and its member states seek to increase public understanding of intellectual property through activities, events and campaigns.
Non-profit launches project to show malware’s human impact
[ Comments Off ] Posted on 04.20.10 under Security & Privacy
StopBadware Stories encourages people to share their experiences with badware
Cambridge, Mass., April 20, 2010: StopBadware, a non-profit organization that fights computer viruses, spyware, and other badware, announced today the launch of StopBadware Stories, a project to collect and share stories about the effects of badware on people’s lives.
StopBadware defines badware as software that fundamentally disregards a user’s choice about how his or her computer or network connection will be used. Badware includes hidden programs that steal users’ bank account information, downloads that install additional software without the user’s permission, and fake anti-virus applications that present false results to trick users into buying useless or dangerous software.
The StopBadware Stories project is part of an effort to raise awareness of badware as a problem that affects, and is affected by, individual Internet users. There is a perception that badware is just a computer problem, one that can be solved with better technology, said Maxim Weinstein, executive director of StopBadware. The truth is that it is a very human problem. The effects on people’s lives, on businesses’ profits, and on national security are real and extend well beyond the desktop. We hope that these stories will open people’s eyes to the importance of us all working together to combat badware.
StopBadware Stories is an extension of the organization’s online community, BadwareBusters.org, which serves as a forum for people to request help and to discuss ways of combating badware. The site now allows users to submit stories combining text, images, and video. Visitors can browse, rate, comment on, and share each others’ stories. Authors are asked to agree to a Creative Commons license that allows their stories to be remixed, reused, or redistributed for non-commercial use. StopBadware hopes this will expand the creative opportunities for storytellers and broaden the reach of the project’s educational message. That message will also be reinforced through links to information about fighting badware that appear alongside the stories.
The project’s home page can be found at http://badwarebusters.org/stories.
About StopBadware
StopBadware is a non-profit organization that works with its network of individuals and partner organizations including Google, PayPal, and Mozilla to fight back against viruses, spyware, and other badware. The organization began as a project of the Berkman Center for Internet & Society at Harvard University before spinning off as a standalone organization in 2010. It is based in Cambridge, Massachusetts.
FTC to Host Public Roundtable
[ Comments Off ] Posted on 04.19.10 under Government News, Security & Privacy
Roundtable: Whether Technology Changes Warrant Changes to the Children’s Online Privacy Protection Rule
In light of rapidly changing technology such as the increased use of smartphones and other devices to access the Internet, the Federal Trade Commission will host a public roundtable, “Protecting Kids’ Privacy Online: Reviewing the COPPA Rule,” on June 2, 2010 to explore whether to update the Children’s Online Privacy Protection Rule. The Rule was enacted in 2000 and requires Web site operators to obtain parental consent before collecting, using, or disclosing personal information from children under 13. Roundtable topics will include:
* Whether the Rule should be applied to emerging media such as mobile devices, interactive television, and interactive gaming;
* Potential expansion of the Rule to cover more items of information that might be collected from children; and,
* A review of the parental verification methods used by Web site operators.
For a more detailed list of topics, see the Commission’s March 24, 2010 request for public comment on the COPPA Rule, at http://www.ftc.gov/opa/2010/03/coppa.shtm.
The roundtable will be held at the FTC Conference Center at 601 New Jersey Avenue N.W. in Washington, DC. It is free and open to the public. Pre-registration is not required. Members of the public and press who wish to participate but who cannot attend can view a live webcast at ftc.gov.
Individuals and organizations may submit requests to participate as panelists and may recommend topics for inclusion in the agenda. The requests and recommendations should be submitted electronically to childrensprivacyroundtable@ftc.gov. Prospective panelists should submit a statement detailing their expertise on the issues to be addressed and contact information no later than May 5, 2010. Panelists will be selected based on expertise and the need to include a broad range of views.
Reasonable accommodations for persons with disabilities are available upon request. Requests should be submitted via email to cmglothlin@ftc.gov or by calling Carrie McGlothlin at (202) 326-3388. Requests should be made in advance. Please include a detailed description of the accommodation needed, and provide contact information.
The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,800 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.